How important to you is it that vendors have readily available security compliance documentation when you begin the evaluation process?

Security & GRC Innovation & Emerging Trends

Very Important51%

Somewhat Important44%

Not Important4%

218 PARTICIPANTS

2k views1 Comment

Sort by:

Senior Director, Defense Programs in Software5 years ago

I find it interesting how important responders say it is compared to how often we all feel we are the first person in the world asking about security compliance from vendors...

Content you might like

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

What's your experience with SAP ERP on Prem security testing? What kind of engagement did you choose for your SAP landscape—was it a deep-dive technical System Audit, a full-scope Red Team scenario, or something in between? What was the 'why' behind your decision, and what were your key takeaways?

When external volatility makes ROI calculations more complex, how do you maintain executive confidence in IT investments?

Is your budget for HR technology (such as HRIS, payroll, or talent management systems) managed and paid for primarily by the IT department in your organization?

Yes69%

No31%

Are short term bans of the use of GenAI applications and tools (such as ChatGPT) a good idea for end users in most organizations? For context see this article on the State of Maine Government's directive before you vote: https://www.govtech.com/artificial-intelligence/chatgpt-generative-ai-gets-6-month-ban-in-maine-government

Yes - Maine did the right thing. There are too many security risks with free versions of these tools. Not enough copyright or privacy protections of data.29%

No, but.... - You must have good security and privacy policies in place for ChatGPT (and other GenAI apps). My organization has policies and meaningful ways to enforce those policies and procedures for staff.44%

No - Bans simply don't work. Even without policies, this action hurts innovation and sends the wrong message to staff and the world about our organization.19%

I'm not sure. This action by Maine makes me think. Let me get back to you in a few weeks (or months).5%

View Results

How important to you is it that vendors have readily available security compliance documentation when you begin the evaluation process?

Sort by:

Content you might like

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

What's your experience with SAP ERP on Prem security testing? What kind of engagement did you choose for your SAP landscape—was it a deep-dive technical System Audit, a full-scope Red Team scenario, or something in between? What was the 'why' behind your decision, and what were your key takeaways?

When external volatility makes ROI calculations more complex, how do you maintain executive confidence in IT investments?

Is your budget for HR technology (such as HRIS, payroll, or talent management systems) managed and paid for primarily by the IT department in your organization?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go